If DDoS protection is implemented on devices in front of your server then you probably can use either GRE or IPIP tunnel if you have 2 linux boxes.
IPIP tunnel will only work for Linux OS (while GRE is more inter-operable, ie with cisco), more importantly ipip tunnel is only suitable for unicast packets. Broadcast won't be sent over.
This is really dead simple given you have a recent kernel and iproute2 package installed.
In order to create a tunnel you will need to create a virtual interface on both ends of the tunnel (server 1 and server 2).
Something like bellow should work:
root@server1:~$ ip tunnel add tunnel0 mode gre remote server2_ip
root@server1:~$ ip link set dev tunnel0 up
root@server2:~$ ip tunnel add tunnel0 mode gre remote server1_ip
root@server2:~$ ip link set dev tunnel0 up
Then make sure server1 doesn't have the IP address you want to allocate to server2 configured and add a route on server1 to join server2 IP:
root@server1:~$ ip r a ovh_ip dev tunnel0
And add the IP to server2
root@server2:~$ ip a a ovh_ip/32 tunnel0
At this point server1 should be able to ping ovh_ip on server2.
You should then need to configure server1 as a router to make ovh_ip reachable from anywhere on internet.
However with this simple configuration, be aware that routing on server2 is asymetric, packets coming in to ovh_ip will enter via interface test0 (so hoster2 routers will see a GRE packet), while response packets will be routed through server2 default gateway (hoster2 routers will see a regular IP packet). This can cause trouble with some firewalls or even with Linux rp_filter protection. Make sure it is not a problem.
If it is a problem you will have to make routing symetric by adding for additionnal source NAT when packets goes through tunnel0 at server1.
I hope it helps